Computational and Behavioral Trust Assurance by Utilizing Profile-based Risk Assessments: The CATM Methodology

Khalil Abuosba
2016 Journal of Internet Technology and Secured Transaction  
Communication within a distributed system may be abstracted as an interaction of two endpoints of communications that traverse through intermediary nodes. With the explosion of new applications and services in the Internet as well as the new capabilities of the sensor-based and data-driven services, that are described as the Internet of Things (IoT), a major requirement arises that should facilitate trust between endpoints of communication. Security issues arise due to occurrence of incidents
more » ... at compromise computational and behavioral trusts. In distributed systems endpoints of communications might consume or provide services as well as exchange messages between senders and recipients. A major issue in all types of interactions is to convey trust between any two points of communication. These systems are deployed based on different architectures. Within the Internet systems require assurance prior communications processes occur. This research introduce a trust management approach that can be utilized by any node that communication within a distributed system. The methodology utilizes a profile-based approach to achieve high level of assurance process that can achieve any security requirement including confidentiality, availability, authenticity, integrity, and non-repudiation. It allows the abstraction and inclusion of different attributes of both computational and behavioral trusts. The approach is extensible in nature, where modular security requirements are added as needed. The methodology can be utilized as a gatekeeper and as an access control mechanism. The methodology is an application layer solution of the OSI model that defines five building blocks: profile definition, profile abstraction, profile exchange, profile verification, and trust evaluation. The methodology requires extensible implementation in order to guarantee interoperability.
doi:10.20533/jitst.2046.3723.2016.0056 fatcat:xaknquodfvh3jftzfscno3xxpm